<!-- Faraday Penetration Test IDE -->
<!-- Copyright (C) 2013  Infobyte LLC (http://www.infobytesec.com/) -->
<!-- See the file 'doc/LICENSE' for the license information -->

<form name="form" novalidate>
    <div class="modal-header">
        <!--<div class="modal-button btn-toolbar">-->
        <!--<button class="btn btn-success" ng-click="modal.ok()" ng-disabled="form.$invalid || modal.data.severity === undefined || (modal.data.type === 'VulnerabilityWeb' && modal.host_parents) || modal.data.parents.length == 0">OK</button>-->
        <!--<button class="btn btn-danger" ng-click="modal.cancel()">Cancel</button>-->
        <!--</div>-->
        <h3 class="modal-title">Vulnerability creation</h3>
    </div>
    <div class="modal-body">
        <div class="mt-3">

            <div class="edit-vulns-dropdowns row" ng-init="modal.changeSeverity('unclassified')">

                <div class="btn-group col-md-3 col-sm-6 col-xs-6">
                    <button type="button" class="dropdown-toggle btn-change-property primary-btn"
                            data-toggle="dropdown"
                            id="btn-chg-severity"
                            title="{{modal.data.severity}}">
                        {{modal.data.severity || "Add Severity" | uppercase }}
                    </button>
                    <button type="button" class="dropdown-toggle secondary-btn btn-change-property"
                            data-toggle="dropdown"
                            id="caret-chg-severity"
                            title="Change severity">
                        <span> <i class="fa fa-angle-down fa-lg" aria-hidden="true"></i> </span>
                    </button>
                    <ul class="dropdown-menu dropdown-menu-right" role="menu">
                        <li>
                            <a class="ws"
                               ng-click="modal.changeSeverity('unclassified')">UNCLASSIFIED</a>
                            <a class="ws"
                               ng-click="modal.changeSeverity('info')">INFO</a>
                            <a class="ws"
                               ng-click="modal.changeSeverity('low')">LOW</a>
                            <a class="ws"
                               ng-click="modal.changeSeverity('med')">MEDIUM</a>
                            <a class="ws"
                               ng-click="modal.changeSeverity('high')">HIGH</a>
                            <a class="ws"
                               ng-click="modal.changeSeverity('critical')">CRITICAL</a>
                        </li>
                    </ul>
                </div>


                <div class="btn-group col-md-3 col-sm-6 col-xs-6">
                    <button type="button" class="dropdown-toggle btn-change-property primary-btn btn-primary-white"
                            data-toggle="dropdown"
                            id="btn-chg-ease_resolution"
                            title="{{modal.data.easeofresolution}}">
                        {{modal.data.easeofresolution || "Ease of Resolution"}}
                    </button>
                    <button type="button" class="dropdown-toggle secondary-btn btn-change-property btn-secondary-white"
                            data-toggle="dropdown"
                            id="caret-ease_resolution"
                            title="Change Ease of Resolution">
                        <span> <i class="fa fa-angle-down fa-lg" aria-hidden="true"></i> </span>
                    </button>
                    <ul class="dropdown-menu dropdown-menu-right" role="menu">
                        <li>
                            <a class="ws"
                               ng-click="modal.data.easeofresolution = null">Undetermined</a>
                            <a class="ws"
                               ng-click="modal.data.easeofresolution = 'trivial'">Trivial</a>
                            <a class="ws"
                               ng-click="modal.data.easeofresolution = 'simple'">Simple</a>
                            <a class="ws"
                               ng-click="modal.data.easeofresolution = 'moderate'">Moderate</a>
                            <a class="ws"
                               ng-click="modal.data.easeofresolution = 'difficult'">Difficult</a>
                            <a class="ws"
                               ng-click="modal.data.easeofresolution = 'infeasible'">Infeasible</a>
                        </li>
                    </ul>
                </div>

                <div class="customs-radio-inline">
                    <label class="radio-container"
                           ng-click="modal.data.type = 'Vulnerability'"
                           title="Change type to Vulnerability">
                        <h5>Vulnerability</h5>
                        <input type="radio" checked="checked" name="radio" ng-checked="modal.data.type === 'Vulnerability'">
                        <span class="checkmark"></span>
                    </label>
                    <label class="radio-container"
                           ng-click="modal.data.type = 'VulnerabilityWeb'"
                           title="Change type to Web Vulnerability">
                        <h5>Web Vulnerability</h5>
                        <input type="radio" name="radio" ng-checked="modal.data.type === 'VulnerabilityWeb'">
                        <span class="checkmark"></span>
                    </label>
                </div>

            </div>

            <!-- Nav tabs -->
            <ul class="nav nav-tabs" id="nav-tabs-container">
                <li class="nav-item active" ng-class="{'has-error': modal.data.type == 'Vulnerability' && modal.data.parents.length == 0}">
                    <a class="nav-link" data-toggle="tab" data-target="#hosts" href="javascript:;">Hosts</a>
                </li>
                <li class="nav-item" ng-class="{'has-error': form.name.$invalid || form.desc.$invalid}">
                    <a class="nav-link active" data-toggle="tab" data-target="#general"
                       href="javascript:;">General</a>
                </li>
                <li class="nav-item">
                    <a class="nav-link" data-toggle="tab" data-target="#technical_details" href="javascript:;">Technical
                        Details</a>
                </li>
                <li class="nav-item">
                    <a class="nav-link" data-toggle="tab" data-target="#tab-evidence" href="javascript:;">Evidence</a>
                </li>
                <li class="nav-item">
                    <a class="nav-link" data-toggle="tab" data-target="#tab-custom-fields" href="javascript:;">Custom Fields</a>
                </li>
            </ul>


            <div class="tab-content">
                <div id="hosts" class="container tab-pane-container tab-pane active"><br>
                    <div class="col-md-12 margin-bottom-15px">
                        <div class="form-horizontal">
                            <div class="tab-pane-header">Target</div>
                            <div class="form-group">
                                <form name="formSearch" role="form">
                                    <div class="col-md-8">
                                    <div class="form-group input-accordion">
                                        <input type="text" ng-model="modal.target_filter" class="form-control input-sm"
                                               placeholder="Search targets" ng-change="modal.currentPage = 1" >
                                        <span class="btn btn-danger" id="btn_clear_search"
                                              ng-if="modal.target_filter != '' && modal.activeSearch == true"
                                              ng-click="modal.clearFilterTargets()"> <i class="fa fa-times"></i></span>
                                    </div>
                                </div>

                                    <div class="col-md-2">
                                    <div class="form-group">
                                        <button type="submit" class="btn btn-success btn-xs" title="Search targets"
                                                ng-click="modal.filterTargets()"
                                                style="height: 30px!important; float: left;"
                                                ng-disabled="modal.target_filter == ''">
                                            Search
                                        </button>
                                    </div>
                                </div>
                                </form>
                                <div class="col-md-2">
                                    <div class="btn-group btn-small-margin">
                                        <button type="button" class="btn btn-default btn-xs" title="Select page"
                                                ng-click="modal.setTargets(true, modal.currentPage*modal.pageSize, modal.pageSize)"
                                                style="height: 30px!important;">
                                            Select page
                                        </button>
                                        <button type="button" class="btn btn-default btn-xs dropdown-toggle"
                                                style="height: 30px!important;"
                                                data-toggle="dropdown"
                                                title="Select options">
                                            <span class="caret"></span>
                                        </button>
                                        <ul class="dropdown-menu dropdown-menu-right" role="menu">
                                            <li ng-show="modal.target_filter && modal.targets_filtered.length > 0">
                                                <a class="ws"
                                                   ng-click="modal.setTargets(true, 0, modal.targets_filtered.length)">Select
                                                    all hosts in search</a>
                                            </li>
                                            <li>
                                                <a class="ws"
                                                   ng-click="modal.setTargets(false, 0, modal.targets.length)">Select
                                                    all
                                                    hosts</a>
                                            </li>
                                            <li>
                                                <a class="ws" ng-click="modal.setTargets(false, 0, 0)">Clear
                                                    selection</a>
                                            </li>
                                        </ul>
                                    </div><!-- .btn-group -->
                                </div>
                            </div>
                            <div class="form-group">
                                <div class="col-md-12">
                                    <uib-accordion close-others="true">
                                        <uib-accordion-group is-open="isopen"
                                                             ng-repeat="host in modal.targets_filtered = modal.targets "
                                                             template-url="scripts/statusReport/partials/accordion-group.html"
                                                             is-disabled="host.services.length < 1">

                                            <uib-accordion-heading>
                                                <a ng-click="modal.setTarget(host)"
                                                   ng-class="{'multi-selected': modal.isParentSelected(host)}">{{host.name}}
                                                    ({{host.hostnames[0]}})</a>
                                            </uib-accordion-heading>
                                            <div class="panel-body" ng-repeat="service in host.services">
                                                <a ng-model="service" ng-click="modal.setTarget(service)"
                                                   ng-class="{'multi-selected': modal.data.parents.indexOf(service) >= 0}">{{service.name}}
                                                    {{service.ports}}</a>
                                            </div>
                                        </uib-accordion-group>
                                    </uib-accordion>

                                    <div class="showPagination"
                                         ng-if="modal.total_rows > modal.targets_filtered.length">
                                        <div class="form-group">
                                            <ul class="pagination">
                                                <li><a ng-hide="modal.currentPage <= 1"
                                                       ng-click="modal.updatePaginator()"><span
                                                        aria-hidden="true">&laquo;</span><span
                                                        class="sr-only">Previous</span></a></li>
                                                <li><a>{{modal.currentPage}}/{{ ((modal.total_rows / modal.pageSize) | integer) + 1}}</a></li>
                                                <li>
                                                    <a ng-hide="modal.currentPage > ((modal.total_rows / modal.pageSize) | integer)"
                                                       ng-click="modal.updatePaginator(true)"><span
                                                            aria-hidden="true">&raquo;</span><span
                                                            class="sr-only">Next</span></a></li>
                                            </ul>
                                            <ng-form name="goToPage">
                                                <div class="col-md-2">
                                                    <input type="number" class="form-control" ng-maxlength="((modal.total_rows / modal.pageSize) | integer)"
                                                           ng-model="modal.newCurrentPage"
                                                           placeholder="Go to page"/>
                                                </div>
                                                <button class="btn btn-danger" ng-click="modal.go()">GO</button>
                                            </ng-form>
                                        </div>
                                    </div>
                                </div>
                            </div>
                            <div class="alert alert-danger target_not_selected" role="alert"
                                 ng-hide="modal.data.parents.length > 0">
                                <span class="glyphicon glyphicon-exclamation-sign" aria-hidden="true"></span>
                                <span class="sr-only">Error:</span>
                                There is no target selected
                            </div>
                            <div class="alert alert-danger target_not_selected" role="alert"
                                 ng-show="modal.data.type === 'VulnerabilityWeb' && modal.host_parents">
                                <span class="glyphicon glyphicon-exclamation-sign" aria-hidden="true"></span>
                                <span class="sr-only">Error:</span>
                                Trying to create a Web Vulnerability with one or more Host parents. Please deselect the
                                Host targets or
                                <a href="" ng-click="modal.resetTarget()">click here to deselect all targets</a>
                            </div>
                        </div>

                    </div>
                </div>

                <div id="general" class="container tab-pane-container tab-pane"><br>
                    <div class="col-md-12">
                        <div class="tab-pane-header">Search vulnerability database templates
                            <a
                                    href="https://github.com/infobyte/faraday/wiki/vulnerabilities-database"
                                    target="_blank"><span class="glyphicon glyphicon-question-sign"
                                                          title="Read more about vulnerability templates in the official Faraday Documentation"></span></a>
                        </div>
                        <div class="form-group">
                            <input type="text" ng-model="modal.cwe_selected" class="form-control input-sm"
                                   placeholder="Search for vulnerability templates"
                                   uib-typeahead="cwe as cwe.name for cwe in modal.cweList | filter:{name: $viewValue} | limitTo:10"
                                   typeahead-on-select="modal.populate($item, $model, $label)">
                        </div>
                    </div>

                    <div class="col-md-12 custom-divider"></div>

                    <div class="col-md-12">
                        <div class="tab-pane-header">Name</div>
                        <div class="form-group" ng-class="{'has-error': form.name.$invalid }">
                            <label class="sr-only" for="vuln-name">Vuln name</label>
                            <input type="text" class="form-control input-sm" id="vuln-name" name="name"
                                   placeholder="Name"
                                   ng-model="modal.data.name" required/>
                        </div><!-- .form-group -->
                    </div>

                    <div class="col-md-12">
                        <div class="tab-pane-header">Description</div>
                        <div class="form-group" ng-class="{'has-error': form.desc.$invalid }">
                            <label class="sr-only" for="vuln-data">Vuln description</label>
                            <textarea class="form-control" id="vuln-desc" name="desc"
                                      ng-model="modal.data.desc" required placeholder="Description"
                            style="margin: 0 2px 0 0; height: 239px; width: 810px;"></textarea>
                        </div><!-- .form-group -->
                    </div>


                    <div class="form-group margin-top-22px">
                        <div class="col-md-12">
                            <div class="tab-pane-header">References</div>
                            <div class="input-group margin-bottom-sm">
                                <label class="sr-only" for="vuln-refs">References</label>
                                <input type="text" class="form-control" id="vuln-refs" placeholder="Reference"
                                       ng-model="modal.new_ref"/>
                                <span class="input-group-addon cursor" ng-click="modal.newReference()"><i
                                        class="fa fa-plus-circle"></i></span>
                            </div>
                        </div>
                        <div class="col-md-12 reference" ng-repeat="reference in modal.data.refs">
                            <div class="input-group margin-bottom-sm">
                                <label class="sr-only" for="vuln-refs-create">References</label>
                                <input type="text" class="form-control" id="vuln-refs-create" placeholder="Reference"
                                       ng-model="reference.value" ng-click="modal.openReference(reference.value)"
                                       role="button"
                                       readonly/>
                                <span class="input-group-addon cursor" ng-click="modal.data.refs.splice($index, 1)"><i
                                        class="fa fa-minus-circle"></i></span>
                            </div>
                        </div>
                    </div><!-- .form-group -->


                    <div class="col-md-12 margin-top-22px">
                        <div class="tab-pane-header">Resolution</div>
                        <div class="form-group">
                            <label class="sr-only" for="vuln-data">Vuln resolution</label>
                            <textarea class="form-control" id="vuln-resolution" rows="4"
                                      ng-model="modal.data.resolution" placeholder="Resolution"></textarea>
                        </div><!-- .form-group -->
                    </div>


                    <div class="form-group margin-top-22px">
                        <div class="col-md-12">
                            <div class="tab-pane-header">Policy Violations</div>
                            <div class="input-group margin-bottom-sm">
                                <label class="sr-only" for="vuln-policyviolations">Policy Violations</label>
                                <input type="text" class="form-control" id="vuln-policyviolations"
                                       placeholder="Policy Violations" ng-model="modal.new_policyviolation"/>
                                <span class="input-group-addon cursor" ng-click="modal.newPolicyViolation()"><i
                                        class="fa fa-plus-circle"></i></span>
                            </div>
                        </div>
                        <div class="col-md-12 reference" ng-repeat="policyviolation in modal.data.policyviolations">
                            <div class="input-group margin-bottom-sm">
                                <label class="sr-only" for="vuln-policyviolations-value">Policy Violation</label>
                                <input type="text" class="form-control" id="vuln-policyviolations-value"
                                       placeholder="Policy Violation" ng-model="policyviolation.value" readonly/>
                                <span class="input-group-addon cursor"
                                      ng-click="modal.data.policyviolations.splice($index, 1)"><i
                                        class="fa fa-minus-circle"></i></span>
                            </div>
                        </div>
                    </div><!-- .form-group -->


                    <div class="col-md-12 margin-bottom-15px margin-top-22px">
                        <div class="tab-pane-header">Impact</div>
                        <h4><span ng-repeat="(key, value) in modal.data.impact" class="normal-size"
                                  style="cursor: pointer;">
                        <span ng-class="{'label-impact label-default-impact': !value, 'label-impact label-success-impact': value}"
                              ng-click="modal.toggleImpact(key)">{{key}}</span>
                        </span></h4><!-- .normal-size -->
                    </div>

                </div>

                <div id="technical_details" class="container tab-pane-container tab-pane"><br>
                    <div class="col-md-12">
                        <div class="tab-pane-header">Data</div>
                        <div class="form-group">
                            <label class="sr-only" for="vuln-data">Vuln data</label>
                            <textarea class="form-control" id="vuln-data" rows="5"
                                      ng-model="modal.data.data" placeholder="Data"></textarea>
                        </div><!-- .form-group -->
                    </div>

                    <div class="col-md-6 col-sm-12 col-xs-12" ng-show="modal.data.type === 'VulnerabilityWeb'">
                        <div class="tab-pane-header">Request</div>
                        <div class="form-group">
                            <label class="sr-only" for="vuln-request">Vuln request</label>
                            <textarea class="form-control" id="vuln-request" rows="8"
                                      ng-model="modal.data.request" placeholder="Request"></textarea>
                        </div><!-- .form-group -->
                    </div>

                    <div class="col-md-6 col-sm-12 col-xs-12" ng-show="modal.data.type === 'VulnerabilityWeb'">
                        <div class="tab-pane-header">Response</div>
                        <div class="form-group">
                            <label class="sr-only" for="vuln-response">Vuln response</label>
                            <textarea class="form-control" id="vuln-response" rows="8"
                                      ng-model="modal.data.response" placeholder="Response"></textarea>
                        </div><!-- .form-group -->
                    </div>

                    <div class="margin-top-22px" ng-show="modal.data.type === 'VulnerabilityWeb'">
                        <div class="col-md-4">
                            <div class="tab-pane-header">Method</div>
                            <div class="form-group">
                                <label class="sr-only control-label" for="vuln-method">Method</label>
                                <input type="text" class="form-control" id="vuln-method" placeholder="Method"
                                       ng-model="modal.data.method"/>
                            </div><!-- .form-group -->
                        </div>

                        <div class="col-md-3">
                            <div class="tab-pane-header">Param Name</div>
                            <div class="form-group">
                                <label class="sr-only control-label" for="vuln-pname">Param Name</label>
                                <input type="text" class="form-control" id="vuln-pname" placeholder="Param name"
                                       ng-model="modal.data.pname"/>
                            </div><!-- .form-group -->
                        </div>

                        <div class="col-md-5">
                            <div class="tab-pane-header">Params</div>
                            <div class="form-group">
                                <label class="sr-only control-label" for="vuln-params">Params</label>
                                <input type="text" class="form-control" id="vuln-params" placeholder="Params"
                                       ng-model="modal.data.params"/>
                            </div><!-- .form-group -->
                        </div>

                        <div class="col-md-3">
                            <div class="tab-pane-header">Path</div>
                            <div class="form-group">
                                <label class="sr-only control-label" for="vuln-path">Path</label>
                                <input type="text" class="form-control" id="vuln-path" placeholder="Path"
                                       ng-model="modal.data.path"/>
                            </div><!-- .form-group -->
                        </div>

                        <div class="col-md-2">
                            <div class="tab-pane-header">Status code</div>
                            <div class="form-group">
                                <label class="sr-only control-label" for="vuln-path">Status code</label>
                                <input type="text" class="form-control" id="vuln-status-code" placeholder="Status code"
                                       ng-model="modal.data.status_code"/>
                            </div><!-- .form-group -->
                        </div>

                        <div class="col-md-3">
                            <div class="tab-pane-header">Query</div>
                            <div class="form-group">
                                <label class="sr-only control-label" for="vuln-query">Query</label>
                                <input type="text" class="form-control" id="vuln-query" placeholder="Query"
                                       ng-model="modal.data.query"/>
                            </div><!-- .form-group -->
                        </div>

                        <div class="col-md-4">
                            <div class="tab-pane-header">Website</div>
                            <div class="form-group">
                                <label class="sr-only control-label" for="vuln-website">Website</label>
                                <input type="text" class="form-control" id="vuln-website" placeholder="Website"
                                       ng-model="modal.data.website"/>
                            </div><!-- .form-group -->
                        </div>
                    </div>
                </div>

                <div id="tab-evidence" class="container tab-pane fade"><br>
                    <div class="col-md-12 margin-bottom-15px">
                        <div class="tab-pane-header">Evidence</div>
                        <div class="alert alert-danger normal-size" role="alert" ng-if="modal.file_name_error">
                            <span class="glyphicon glyphicon-exclamation-sign" aria-hidden="true"></span>
                            <span class="sr-only">Error:</span>
                            Cannot upload evidence starting with underscore, please choose a different name for the
                            file.
                        </div>
                        <div class="form-group normal-size">
                            <input type="file" id="evidence" ng-file-select ng-multiple="true" resetOnClick="false"
                                   ng-file-change="modal.selectedFiles($files, $event)"/>
                            <p class="help-block">Multiple files are allowed.</p>
                        </div><!-- .form-group -->
                        <div id="evidenceFiles" class="normal-size" ng-if="modal.data._attachments">
                            <ul>
                                <li ng-repeat="(name, file) in modal.data._attachments">
                                    <div class="btn-group">
                                        <button type="button" class="btn btn-default"
                                                ng-click="modal.openEvidence(name)">
                                            <span class="fa {{icons[name]}}"
                                                  title="Evidence {{name | decodeURIComponent}}"></span> {{name |
                                            decodeURIComponent}}
                                        </button><!-- ng-repeat -->
                                        <button type="button" class="btn btn-danger"
                                                ng-click="modal.removeEvidence(name)">
                                            <span class="glyphicon glyphicon-trash"></span>
                                        </button>
                                    </div>
                                </li>
                            </ul>
                        </div><!-- #evidenceFiles -->
                    </div>

                </div>

                 <div id="tab-custom-fields" class="container tab-pane-container tab-pane fade"><br>
                     <div ng-if="modal.customFields.length === 0" class="no-info-overlay" style="margin-bottom: 15px;">
                            <p class="no-info-text">
                                No custom fields were found. To create one refer to our
                                <a href="https://github.com/infobyte/faraday/wiki/Custom-Fields" target="_blank">wiki page</a>.
                            </p>
                     </div>
                     <div class="col-md-12 margin-bottom-15px">
                        <div class="col-md-12" ng-repeat="cf in modal.customFields | orderBy : 'field_order'">
                            <custom-field field="{{cf}}"></custom-field>
                        </div>
                     </div>
            </div>
        </div>

        <div class="modal-footer">
            <div class="modal-button btn-toolbar">
                <button class="btn btn-success" ng-click="modal.ok()"
                        ng-disabled="form.$invalid || modal.data.severity === undefined || (modal.data.type === 'VulnerabilityWeb' && modal.host_parents) || modal.data.parents.length == 0">
                    OK
                </button>
                <button class="btn btn-danger" ng-click="modal.cancel()">Cancel</button>
            </div>
        </div>
    </div>
    </div>
</form>
